search.rb 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. module Ticket::Search
  3. extend ActiveSupport::Concern
  4. include CanSearch
  5. included do
  6. scope :search_sql_query_extension, lambda { |params|
  7. return if params[:query].blank?
  8. fields = %w[title number]
  9. fields << Ticket::Article.arel_table[:body]
  10. fields << Ticket::Article.arel_table[:from]
  11. fields << Ticket::Article.arel_table[:to]
  12. fields << Ticket::Article.arel_table[:subject]
  13. where_or_cis(fields, "%#{SqlHelper.quote_like(params[:query])}%")
  14. .joins(:articles)
  15. }
  16. end
  17. # methods defined here are going to extend the class, not the instance of it
  18. class_methods do
  19. =begin
  20. search tickets preferences
  21. result = Ticket.search_preferences(user_model)
  22. returns if user has permissions to search
  23. result = {
  24. prio: 3000,
  25. direct_search_index: false
  26. }
  27. returns if user has no permissions to search
  28. result = false
  29. =end
  30. def search_preferences(current_user)
  31. return false if !current_user.permissions?(['ticket.agent', 'ticket.customer'])
  32. {
  33. prio: 3000,
  34. direct_search_index: false,
  35. }
  36. end
  37. def search_params_pre(params)
  38. params[:scope] ||= TicketPolicy::ReadScope
  39. end
  40. def search_query_extension(params)
  41. query_or = []
  42. if params[:current_user].permissions?('ticket.agent')
  43. group_ids = params[:current_user].group_ids_access(params[:scope].const_get(:ACCESS_TYPE))
  44. if group_ids.present?
  45. access_condition = {
  46. 'query_string' => { 'default_field' => 'group_id', 'query' => "\"#{group_ids.join('" OR "')}\"" }
  47. }
  48. query_or.push(access_condition)
  49. end
  50. end
  51. if params[:current_user].permissions?('ticket.customer')
  52. organizations_query = params[:current_user].all_organizations.where(shared: true).map { |row| "organization_id:#{row.id}" }.join(' OR ')
  53. access_condition = if organizations_query.present?
  54. {
  55. 'query_string' => { 'query' => "customer_id:#{params[:current_user].id} OR #{organizations_query}" }
  56. }
  57. else
  58. {
  59. 'query_string' => { 'default_field' => 'customer_id', 'query' => params[:current_user].id }
  60. }
  61. end
  62. query_or.push(access_condition)
  63. end
  64. if query_or.blank?
  65. return {
  66. bool: {
  67. must: [
  68. {
  69. 'query_string' => { 'query' => 'id:0' }
  70. },
  71. ],
  72. }
  73. }
  74. end
  75. {
  76. bool: {
  77. must: [
  78. {
  79. bool: {
  80. should: query_or,
  81. },
  82. },
  83. ],
  84. }
  85. }
  86. end
  87. end
  88. end